A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #1653  by a_d_13
 Thu Jul 22, 2010 8:13 pm
See the article for details:
http://www.newscientist.com/blogs/short ... e-tro.html

In short:
- The malware does NOT reside in firmware.
- Instead, a flash chip on the motherboard was infected with this worm (Win32.Spybot).

Seems like another vendor accidentally shipping a flash memory device with malware on it. Lots of places are reporting this as a "hardware trojan" - it's not, actually. If anyone has a server with this infection, it'd be interesting to know if any AV detects it, and how the flash memory is set up.

Thanks,
--AD